Dynamic program analysis involves the analysis of a computer program while it is executing in real-time. It may be used for various applications including intrusion detection and prevention, bug discovery and profiling, corruption detection and identifyinig non-fatal memory leaks.
Dynamic program analysis adds overhead to the execution of the computer program because it is executed “inline” with program execution. It requires the dynamic loading of special libraries or recompiling the computer program to insert analysis code into the program's executable. Some dynamic program analysis (e.g., instrumentation and probing functionality, etc.) can add sufficient overhead to the execution of the program to perturb the processor workload and even cause “heisenbugs,” i.e., where the phenomena under observation is changed or lost due to the measurement itself. For example, dynamic program analysis commonly used for detecting buffer overflows or use of undefined memory routinely incur overheads on the order of 10-40×, rendering many production workloads unusable. Even in nonproduction settings, such as program development or quality assurance, this overhead may dissuade use in longer more realistic tests. As such, to minimize performance costs, dynamic program analysis tools today perform a minimal set of checks, meaning that many critical software flaws can remain overlooked.